OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Feature Request
  • Category Packages
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by dllud - 27.12.2018

FS#2029 - fw3, IPv6: create rules with hostnames instead of dest_ip

Currently, opening a port on fw3 to allow a local server to be reached from the Internet via IPv6, requires the hardcoding of the destination IPv6 address in the

dest_ip

option. Here's the example on the fw3 IPv6 Configuration Examples wiki page:

config rule
        option src       wan
        option proto     tcp
        option dest      lan
        option dest_ip   2001:db8:42::1337
        option dest_port 80
        option family    ipv6
        option target    ACCEPT

Having an hardcoded IPv6 address becomes troublesome when the public IPv6 prefix changes. This can happen regularly with some ISPs, forcing users to edit the rule.

It would much helpful if one could specify a destination hostname instead of an IP address. fw3 would then have to check the current leases and translate the hostname.

An hardcoded IP address in the firewall rules was no issue with IPv4, since on most scenarios all destination addresses were local and could be statically attributed on

/etc/config/dhcp

. IPv6 public prefix delegation changes this and IMO requires more flexible rules on fw3.

This feature request follows the How to set up OpenWrt traffic rule for port forwarding IPv6 server on my LAN? question on SuperUser by James Johnston.

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing